A. Technical Field
The present invention relates to the field of integrated circuits, and more particularly, to systems, devices and methods of programming a data path of a microcontroller by selecting at least one of a plurality of data processing modes to process (e.g., encrypt, decrypt, format, etc.) data in the data path.
B. Background of the Invention
A microcontroller is normally a single integrated circuit comprising a central processing unit (CPU) core, memory, and input/output (I/O) peripherals. The CPU core ranges from simple 3-bit processors to complex 22-bit or 54-bit processors. A commonly used 8051-compatible microcontroller is based on an 8-bit CPU core. The I/O peripherals are used to interface the microcontroller with standard I/O devices, such as sensors and liquid crystal displays (LCD), and serial communication interfaces are normally used in the I/O peripherals. The memory in the microcontroller includes non-volatile random access memory (RAM) and read-only memory (ROM) for storing data and programs, respectively. The microcontroller architecture may vary to include more CPU cores, memory or I/O functions for various applications.
A secure microcontroller is used for applications that involve trusted operations on valuable assets in an insecure environment where a thief or hacker may gain access to processor cores, memory devices or I/O peripherals that are used to communicate and process sensitive data. This sensitive data may include account numbers, access codes, financial transactions/balances, rights management, metering (e.g., energy, units), program algorithms and other information. The secure microcontroller uses non-volatile RAM, e.g., a flash memory, rather than ROM for program storage, and additional enhanced security features are employed to avoid unauthorized accesses. To date, the secure microcontroller has been applied in a wide range of security-critical applications such as electronic banking, commercial transactions, and pay-TV access control, or any application that requires the protection of proprietary software and methods.
Since programs and data may be stored in an external memory of the secure microcontroller, data security and data integrity are two distinct concerns that the external memory of a secure microcontroller should address. The first is the threat of sensitive information disclosure (i.e., data security), where confidential data is revealed and weaknesses in a program are exposed. The second is the threat of modification of application behavior (i.e., data integrity), where programs and data are modified in the external memory.
The secure microcontroller is designed to offer a level of security to data stored in the external memory. For instance, physical security is established against probing, and one example is the use of an anti-tampering enclosure. This solution may be expensive and does not cover new attack methods based on fault injection from power supply glitches, light, synchronous or asynchronous lasers, or radioactive particles. The security features may also comprise memory encryption, where data and addresses stored in the memory are encrypted or decrypted during the data exchange process. As a result, the physical security perimeter can be limited to the microcontroller, while the external memory and its communication buses can remain physically exposed.
Data integrity control is implemented for the programs and data stored in the external memory. Data integrity control is used to detect any intentional or unintentional corruption between what was sent for writing to the memory by the microcontroller and what was stored in the memory. FIG. 1 illustrates a secure microcontroller 102 interfacing with an external memory 104 where the aforementioned data security and data integrity concerns are considered. The secure microcontroller 102 comprises a CPU core 106, an encryption and integrity protection block 108, a memory controller 110, a key storage 112 and buses for data, addresses and keys. Methods for integrity check, data encryption or data decryption are incorporated in the encryption and integrity protection block 108. During a memory write cycle, the block 108 encrypts data from the CPU core 106 into payload data for storing in the memory 104; during a memory read cycle, it decrypts payload data from the memory 104 into data subsequently received by the CPU core 106.
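The write and read cycles through block 108 can be modelled in software. The following is an added example, not part of the original text: the class and method names, the use of HMAC-SHA256 as both keystream generator and integrity tag, and the 16-byte tag length are all assumptions chosen for illustration, since the text does not name an algorithm.

```python
import hashlib
import hmac

TAG_LEN = 16  # assumed: bytes of truncated HMAC-SHA256 stored with each payload


class IntegrityError(Exception):
    """Payload read back differs from what the block wrote."""


class ProtectionBlock:
    """Software model of block 108, between CPU core 106 and memory 104."""

    def __init__(self, enc_key: bytes, mac_key: bytes):
        self.enc_key = enc_key  # both keys stand in for key storage 112
        self.mac_key = mac_key
        self.external = {}      # models external memory 104: address -> payload

    def _pad(self, addr: int, n: int) -> bytes:
        # Address-dependent keystream from HMAC-SHA256 used as a PRF
        # (assumed stand-in for the hardware cipher).
        out, ctr = b"", 0
        while len(out) < n:
            msg = addr.to_bytes(8, "big") + ctr.to_bytes(4, "big")
            out += hmac.new(self.enc_key, msg, hashlib.sha256).digest()
            ctr += 1
        return out[:n]

    def _tag(self, addr: int, ct: bytes) -> bytes:
        # Binding the address into the tag catches payloads moved between addresses.
        msg = addr.to_bytes(8, "big") + ct
        return hmac.new(self.mac_key, msg, hashlib.sha256).digest()[:TAG_LEN]

    def write(self, addr: int, data: bytes) -> None:
        ct = bytes(d ^ p for d, p in zip(data, self._pad(addr, len(data))))
        self.external[addr] = ct + self._tag(addr, ct)

    def read(self, addr: int) -> bytes:
        payload = self.external[addr]
        ct, tag = payload[:-TAG_LEN], payload[-TAG_LEN:]
        if not hmac.compare_digest(tag, self._tag(addr, ct)):
            raise IntegrityError(f"integrity check failed at {addr:#x}")
        return bytes(c ^ p for c, p in zip(ct, self._pad(addr, len(ct))))


if __name__ == "__main__":
    blk = ProtectionBlock(b"E" * 32, b"M" * 32)  # constructed demo keys
    blk.write(0x1000, b"balance=0042")
    print(blk.read(0x1000))
```

This model does not detect an older valid payload being restored at the same address, and it reuses the same keystream when an address is rewritten; covering both requires a per-write counter or similar freshness value kept inside the microcontroller.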